Items Tagged with "Network Security"


Network Design, Wireless Security, and Password Policies - Business Beware

October 15, 2012 Added by:Gary McCully

A while back I was on a wireless assessment in which I was able to compromise the client’s primary Windows Domain from their guest wireless network. My hope in writing this article is that organizations will take their network design, wireless security, and password policies a little more seriously...

Comments  (0)


Top Ten Ways to Prevent Data Breaches

October 11, 2012 Added by:Paul Kenyon

Users with admin rights are loose cannons -- you just don’t know when or where they are going to strike, and the results can be devastating to the company’s security infrastructure. Once a problem occurs, it often unravels into a downward spiral taking your business - and reputation - down with it...

Comments  (3)


Securing Smart Grid, SCADA, and Other Industrial Control Systems

October 11, 2012 Added by:Ben Rothke

The Stuxnet computer worm of mid-2010 was a huge wake-up call for the energy industry. It also catapulted SCADA from an obscure term to the forefront of industrial security. But nearly two years later, it is unclear if the energy sector is adequately prepared for sophisticated information security threats...

Comments  (2)


Quick and Dirty Plan for Critical Infrastructure Security Improvement

October 11, 2012 Added by:Brent Huston

I was recently engaged with some critical infrastructure experts on Twitter. We were discussing a quick and dirty set of basic tasks that could be used an approach methodology for helping better secure the power grid and other utilities. There was a significant discussion and many views were exchanged...

Comments  (0)


Somewhere Over The Rainbow – A Story About A Global Ubiquitous Record of All Things Incident

October 10, 2012 Added by:Ian Tibble

Most businesses don’t even know they were hacked until a botnet command and control box is owned by some supposed good guys somewhere, but all talk of security is null and void if we acknowledge reality here. So let’s not talk reality...

Comments  (0)


The Derecho Named Cyber

October 10, 2012 Added by:Joel Harding

The discussions we had back in the mid-90s are still ongoing, we still don’t have a proper information sharing cybersecurity bill and people still don’t trust the government to maintain their privacy. Please, members of congress and business leaders, work on cybersecurity as if our lives depend on it...

Comments  (1)


Online Banking: A Trust Opportunity to (Re)gain?

October 09, 2012 Added by:Mikko Jakonen

How come banks are telling people to maintain their security better, without putting their OWN reputation and capabilities in line with the DIRECT consequences of the change paradigm towards ‘webalized’ approach we have witnessed for years, has now resulted as poor operational security...

Comments  (0)


What’s Your Horizon of Focus for Security?

October 09, 2012 Added by:Tripwire Inc

In the corporate world, we talk a lot about corporate goals & objectives. In the US Government, you hear a lot about “The Mission,” which is the unifying goal that ties an agency (or multiple agencies) together in a shared sense of purpose. I’m a big believer in connecting our actions as information security professionals to The Mission...

Comments  (0)


Another HAck-bAck Blog

October 04, 2012 Added by:Jim Palazzolo

Is it the legal structure that makes it taboo, or the ambiguity of the target? What are the implications? Could a corporation accidentally set off a cyber flashpoint by attacking targets in other countries? And, is it an organization’s legal right, like an individual, to defend itself?

Comments  (1)


Ask The Experts: Workstation Malware

October 04, 2012 Added by:Brent Huston

Once we’ve embraced the fact that we need better detection and response mechanisms, we start to see how honeypots can help us but also how creating better awareness within our users can be the greatest investment an organization might make in detection...

Comments  (0)


How to Protect against Denial of Service Attacks: Refresher

October 03, 2012 Added by:Stephen Marchewitz

In order to mitigate this threat, ISPs will need to combine their efforts. It would take a global effort on the part of the ISPs. Until then, the capabilities are there to deal with the issue when it arises on a per incident basis...

Comments  (3)


Cyberwar, Cyberdouchery, and Where the Rubber Meets the CyberRoad

October 01, 2012 Added by:Infosec Island Admin

The cyberwar is upon us and we had best start taking it seriously because people in power are making plans, and like biological warfare, it seems perhaps there could be unforeseen circumstances that could trigger bigger and worse things. Plan accordingly and think a bit more cogently...

Comments  (2)


Old School On-Target NBNS Spoofing

September 30, 2012 Added by:Rob Fuller

So it turns out that Windows Firewall talks IP addresses just like any other firewall, so if you configure FakeNetBIOSNS to tell everyone that the IP address for whatever they looked up is YOUR IP, guess what, no need to bypass the spoof filters...

Comments  (7)


On the Lack of IT Readiness: The Security Edition

September 30, 2012 Added by:Rafal Los

Sticking to the basics wouldn't be such a bad thing in Security... if we had a clue on how to do the basics right. I know plenty of people who pentest all day every day and they'll be the first to tell you how easy it is to break in because defenses are so weak, if they exist at all...

Comments  (0)


Surviving a Public Infrastructure or Energy Grid Attack

September 27, 2012 Added by:Dan Dieterle

What would you do if the lights suddenly went out? Where would you get news from? Or more importantly water? Keep cool or get heat? Though many disregard warnings about critical infrastructure attacks what if the worst did happen, would you be prepared?

Comments  (2)


Java in the Cross-Hairs of Enterprise Security

September 26, 2012 Added by:Rafal Los

Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »